Profiles are used by operating systems to configure operating characteristics of a computer (e.g., user interface schema, favorites lists, etc.) according to user-supplied preferences and provide storage for the user's personal data files (e.g., files on the desktop or in the user's “My Documents” folder). Windows NT operating systems from Microsoft Corporation supports two types of profiles: local profiles and roaming profiles. A local profile is stored and loaded from a fixed location on the local computer. The profile remains at the computer, and is not portable to another computer. Thus, if the user logs onto another computer, a new profile is created for that user from a default profile. As a result, the user ends up with different profiles on each machine that he/she logs onto and hence, each machine looks and feels differently.
A roaming profile travels with the user in a networked environment and is made available to the user regardless of which machine the user logs onto. FIG. 1 shows a client-server architecture 20 that implements conventional roaming profiles. The architecture 20 includes a server 22 connected to serve a client 24 over a network 26. The server 22 has an operating system 28 and a profile store 30 that holds various user profiles. The profiles are associated with the users via a passcode. The client 24 runs an operating system 32.
When the user logs onto the client 24, the user is initially prompted for a user name, domain name, and password. The domain name is used to identify the server 22 and the user name is used to locate a corresponding user profile from the profile store 30. If a profile exists (i.e. the user name is known to the server), the password is used in a challenge response exchange with the server to verify the identity of the user. If the user provided the correct password for the given user name, the user's profile is downloaded from the server 22 to the client 24 and used to configure the client according to the user's preferences.
If additional security is warranted, the architecture may further include smart card tokens. The user is assigned a personal smart card and inserts the smart card into a card reader at the client. In this case, the user name, domain name, and password are stored on the smart card. Instead of the user entering this information, the user enters a passcode that unlocks the card and makes the information available to the client, which then performs the logon process as described above.
One drawback with the roaming architecture is that users have only limited control over their own profiles. A user cannot, for instance, establish a roaming profile without the assistance of a network administrator. The administrator must assign a roaming profile pathname in the user's account on the domain server. The user then has the option to indicate on each machine whether to use a roaming profile or a local profile.
Another drawback with roaming profiles is that the architecture restricts roaming to clients connected to the network 26 with access to the domain server and the profile server 22. The architecture does not allow a user to access his/her profile on a home computer or other standalone computer that is not network attached.
Accordingly, there is a need for a portable device that securely transports a user's profile and related documents (My Documents) to various machines, regardless of whether the machines are connected or standalone. The inventors have developed such a device.